Watch Out For World Of Warcraft's Newest Thieving Scam

July 08, 2016 03:12

Submitted to Blizzard by Michael Short

The World of Warcraft community is abuzz over an infectious, gold-stealing scam affecting players across realms.

This morning, VICE Motherboard reported that a scam with “a sophisticated combination of social engineering and malicious code” is spreading through a sort of viral word-of-mouth chat script.

On Reddit, WoW player MrNoobyy described how another player, impersonating a representative from a known guild, spammed his trade chat claiming to sell Mythic gear and mounts at a good price. When MrNoobyy inquired further in a direct message, the player asked to see MrNoobyy’s gold in a trade window. That’s when things get scammy: The player then pasted a /run command, code that runs a new application, into the chat box, claiming that the guild uses “custom raid bars and a lot of stuff interferes with our UI [user interface].” The scammer then asked MrNoobyy to enter that command.

By using /run commands, World of Warcraft players can run special scripts that allow them to do all sorts of things within the game, like design custom user interfaces. The flip side is that users unfamiliar with the code might blindly run a custom script that was created by a scammer, inadvertently doing something unpleasant… like giving them all of their gold.

Most players know not to /whisper to strangers or enter commands they aren’t familiar with. Unfortunately, the scam appears to account for that. MrNoobyy didn’t take the bait, but he said that a week later, his Guild Master messaged him with the same script. Players who run the command have found that their gold coffers are emptied and they become part of the scam, /whispering the viral script to other players. Victims are more inclined to believe that the messages are legitimate when they’re coming from longtime friends or guild members.

One Redditor said that a number of people in his trade each lost over 500,000 gold, a high sum that requires weeks of toil.

A transcript from a WoW community forum

It’s not quite clear exactly how this scam functions. The most well-received explanation on the WoW subreddit reads: “It works by replacing a global function that gets called (by the vanilla chat frame) whenever a message is received, with a function that runs the message as if it had been written after /run by the receiver. It allows them to remotely script your UI. The piece of code they whisper you after you input the seemingly harmless /run hooks it up to the chat message event, allowing them to hide any script messages. Meaning they can do anything an addon can, but remotely without you knowing it.” Essentially, his theory is that another person gains control of the victim through a hidden chat channel enabled by the /run command.

Multiple players have reported the scam to Blizzard, one alleging that it took nine hours for Blizzard to address a repeat offender. Yesterday on the World of Warcraft subreddit, a Blizzard representative said that they’re looking into the scam. Blizzard has not yet responded to a Kotaku request for comment.

Here are Blizzard’s tips for avoiding in-game scams.
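
The mechanism in the quoted explanation, a global function on the chat path being rebound by a pasted script, can be caught with a binding-integrity check. The following toy model is an added example, not code from the article, Reddit or Blizzard; it does not use the WoW API, and `format_message`, `snapshot`, `tampered` and `receive` are hypothetical names.

```python
# Toy model (constructed): a chat client whose message path calls a helper
# looked up by name in a mutable global table that user scripts can write to.

def format_message(text):
    """Stock helper the chat frame calls on every incoming message."""
    return " ".join(text.split())

def make_client():
    # Hypothetical global table, standing in for the UI's script globals.
    return {"format_message": format_message}

def snapshot(globals_table, watched):
    """Record the function bound to each watched name at a trusted point."""
    return {name: globals_table[name] for name in watched}

def tampered(globals_table, baseline):
    """Names whose current binding is no longer the baseline function."""
    return sorted(n for n, fn in baseline.items()
                  if globals_table.get(n) is not fn)

def receive(globals_table, baseline, text, log):
    """Chat path with the check: never dispatch through a replaced helper."""
    changed = tampered(globals_table, baseline)
    if changed:
        log.append("blocked: replaced " + ",".join(changed))
        globals_table.update(baseline)  # restore the stock bindings
    return globals_table["format_message"](text)

def demo():
    client = make_client()
    baseline = snapshot(client, ["format_message"])
    log, executed = [], []
    out1 = receive(client, baseline, "WTS   mount  cheap", log)
    # Stand-in for the pasted command's effect: the helper is rebound to a
    # function that would treat message text as a script. It only records here.
    client["format_message"] = lambda text: executed.append(text) or text
    out2 = receive(client, baseline, "hidden   script   text", log)
    return out1, out2, log, executed

if __name__ == "__main__":
    print(demo())
```

The second message is still displayed normally, the replacement is never called, and the log records which binding was changed.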